oweals/openssl.git
19 years agoWhen the return type of the function is int, it's better to return an
Richard Levitte [Thu, 9 Jun 2005 17:28:53 +0000 (17:28 +0000)]
When the return type of the function is int, it's better to return an
in than NULL, especially when an error is signalled with a negative
value.

19 years agouse "=" instead of "|=", fix typo
Nils Larsch [Wed, 8 Jun 2005 22:22:33 +0000 (22:22 +0000)]
use "=" instead of "|=", fix typo

19 years agoAvoid endless loops. Really, we were using the same variable for two
Richard Levitte [Wed, 8 Jun 2005 21:59:47 +0000 (21:59 +0000)]
Avoid endless loops.  Really, we were using the same variable for two
different conditions...

19 years agossl_create_cipher_list should return an error if no cipher could be
Nils Larsch [Wed, 8 Jun 2005 21:19:14 +0000 (21:19 +0000)]
ssl_create_cipher_list should return an error if no cipher could be
collected (see SSL_CTX_set_cipher_list manpage). Fix handling of
"cipher1+cipher2" expressions in ssl_cipher_process_rulestr.

PR: 836 + 1005

19 years ago"Liberate" dtls from BN dependency. Fix bug in replay/update.
Andy Polyakov [Tue, 7 Jun 2005 22:21:14 +0000 (22:21 +0000)]
"Liberate" dtls from BN dependency. Fix bug in replay/update.

19 years agoFix for padding X9.31 padding check and zero padding bytes.
Dr. Stephen Henson [Mon, 6 Jun 2005 22:39:43 +0000 (22:39 +0000)]
Fix for padding X9.31 padding check and zero padding bytes.

19 years agoAllow BIO_s_file to open and sequentially access files larger than 2GB on
Andy Polyakov [Mon, 6 Jun 2005 11:58:31 +0000 (11:58 +0000)]
Allow BIO_s_file to open and sequentially access files larger than 2GB on
affected platforms.
PR: 973

19 years agoFAQ to mention no-sha512 as option for compilers without support for 64-bit
Andy Polyakov [Mon, 6 Jun 2005 09:32:01 +0000 (09:32 +0000)]
FAQ to mention no-sha512 as option for compilers without support for 64-bit
integer type.

19 years agoPass INSTALL_PREFIX in BUILDENV.
Richard Levitte [Mon, 6 Jun 2005 08:52:19 +0000 (08:52 +0000)]
Pass INSTALL_PREFIX in BUILDENV.

PR: 1100

19 years agoSkipping all tests just because one algorithm is disabled seems a bit harsch.
Richard Levitte [Mon, 6 Jun 2005 08:38:05 +0000 (08:38 +0000)]
Skipping all tests just because one algorithm is disabled seems a bit harsch.

PR: 1089

19 years agoChange mention of Makefile.ssl to Makefile.
Andy Polyakov [Mon, 6 Jun 2005 08:35:49 +0000 (08:35 +0000)]
Change mention of Makefile.ssl to Makefile.

19 years ago_GNU_SOURCE needs to be defined before any standard header.
Richard Levitte [Mon, 6 Jun 2005 00:50:52 +0000 (00:50 +0000)]
_GNU_SOURCE needs to be defined before any standard header.

19 years agoUpdate from 0.9.8-stable.
Richard Levitte [Mon, 6 Jun 2005 00:42:24 +0000 (00:42 +0000)]
Update from 0.9.8-stable.

19 years agoFurther change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER
Richard Levitte [Mon, 6 Jun 2005 00:32:11 +0000 (00:32 +0000)]
Further change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER
and PQ_64BIT_IS_BIGNUM with the values 0 (for false) and 1 (for true),
depending on which is true.  Use those flags everywhere else to provide
the correct implementation for handling certain operations in q PQ_64BIT.

19 years agoDocument the change and update the version number (d'oh!).
Richard Levitte [Sun, 5 Jun 2005 23:25:29 +0000 (23:25 +0000)]
Document the change and update the version number (d'oh!).

19 years agoRemove the incorrect installation of '%{openssldir}/lib'.
Richard Levitte [Sun, 5 Jun 2005 23:15:03 +0000 (23:15 +0000)]
Remove the incorrect installation of '%{openssldir}/lib'.

PR: 1074

19 years agoChange pq_compat.h to trust the macros defined by bn.h a bit more, and thereby
Richard Levitte [Sun, 5 Jun 2005 22:42:58 +0000 (22:42 +0000)]
Change pq_compat.h to trust the macros defined by bn.h a bit more, and thereby
provide better generic support for environments that do not have 64-bit
integers.  Among others, this should solve PR 1086

19 years agogcc 2.95.3 on Ultrix supports long long.
Richard Levitte [Sun, 5 Jun 2005 22:19:24 +0000 (22:19 +0000)]
gcc 2.95.3 on Ultrix supports long long.

PR: 1091

19 years agoCorrect typo ia64.o -> bn-ia64.o.
Richard Levitte [Sun, 5 Jun 2005 22:09:10 +0000 (22:09 +0000)]
Correct typo ia64.o -> bn-ia64.o.

PR: 1094

19 years agoAdd support for the new Intel compiler, icc.
Richard Levitte [Sun, 5 Jun 2005 22:01:18 +0000 (22:01 +0000)]
Add support for the new Intel compiler, icc.
Submitted by Keith Thompson <kst@sdsc.edu>

PR: 1095

19 years agoOld typo...
Richard Levitte [Sun, 5 Jun 2005 21:54:48 +0000 (21:54 +0000)]
Old typo...

PR: 1097

19 years agoUpdated support for NetWare, submitted by Verdon Walker <VWalker@novell.com>.
Richard Levitte [Sun, 5 Jun 2005 21:47:19 +0000 (21:47 +0000)]
Updated support for NetWare, submitted by Verdon Walker <VWalker@novell.com>.

PR: 1098

19 years agoNew function, DSO_pathbyaddr, to find pathname for loaded shared object
Andy Polyakov [Sun, 5 Jun 2005 18:13:38 +0000 (18:13 +0000)]
New function, DSO_pathbyaddr, to find pathname for loaded shared object
by an address within it. Tested on Linux, Solaris, IRIX, Tru64, Darwin,
HP-UX, Win32, few BSD flavors...

19 years agoUnify BSDi target.
Andy Polyakov [Sun, 5 Jun 2005 18:10:19 +0000 (18:10 +0000)]
Unify BSDi target.

19 years ago./PROBLEMS to mention workarounds for ULTRIX build problems.
Andy Polyakov [Sun, 5 Jun 2005 18:03:37 +0000 (18:03 +0000)]
./PROBLEMS to mention workarounds for ULTRIX build problems.
PR: 1092

19 years agoThe macro THREADS was changed to OPENSSL_THREADS a long time ago.
Richard Levitte [Sat, 4 Jun 2005 08:44:02 +0000 (08:44 +0000)]
The macro THREADS was changed to OPENSSL_THREADS a long time ago.

PR: 1096

19 years agoFrom 0.9.8-stable:
Richard Levitte [Sat, 4 Jun 2005 04:18:26 +0000 (04:18 +0000)]
From 0.9.8-stable:

handshake_write_seq is an unsigned short, so treat it like one

19 years agoUse correct name for config file env variable.
Dr. Stephen Henson [Thu, 2 Jun 2005 23:19:56 +0000 (23:19 +0000)]
Use correct name for config file env variable.

19 years agoTypo.
Dr. Stephen Henson [Thu, 2 Jun 2005 20:29:32 +0000 (20:29 +0000)]
Typo.

19 years agoUpdate CHANGES.
Dr. Stephen Henson [Thu, 2 Jun 2005 20:11:16 +0000 (20:11 +0000)]
Update CHANGES.

19 years agoFix inconsistensy between 8 and HEAD.
Andy Polyakov [Thu, 2 Jun 2005 18:28:27 +0000 (18:28 +0000)]
Fix inconsistensy between 8 and HEAD.

19 years agoPSS update [from 0.9.7].
Andy Polyakov [Thu, 2 Jun 2005 18:25:36 +0000 (18:25 +0000)]
PSS update [from 0.9.7].

19 years agocheck return value
Nils Larsch [Wed, 1 Jun 2005 22:35:01 +0000 (22:35 +0000)]
check return value

19 years agoUpdate from 0.9.7-stable.
Dr. Stephen Henson [Wed, 1 Jun 2005 22:14:04 +0000 (22:14 +0000)]
Update from 0.9.7-stable.

19 years agoSynchronise yet a little more with the Unixly build
Richard Levitte [Wed, 1 Jun 2005 16:24:15 +0000 (16:24 +0000)]
Synchronise yet a little more with the Unixly build

19 years agoclear error queue on success and return NULL if no cert could be read
Nils Larsch [Wed, 1 Jun 2005 08:38:44 +0000 (08:38 +0000)]
clear error queue on success and return NULL if no cert could be read

PR: 1088

19 years agofix assertion
Nils Larsch [Tue, 31 May 2005 20:39:16 +0000 (20:39 +0000)]
fix assertion

19 years agoSynchronise more with the Unix build.
Richard Levitte [Tue, 31 May 2005 20:28:41 +0000 (20:28 +0000)]
Synchronise more with the Unix build.

19 years agochanges from 0.9.8
Nils Larsch [Tue, 31 May 2005 18:22:53 +0000 (18:22 +0000)]
changes from 0.9.8

19 years agoinclude opensslconf.h if OPENSSL_NO_* is used
Nils Larsch [Tue, 31 May 2005 17:36:06 +0000 (17:36 +0000)]
include opensslconf.h if OPENSSL_NO_* is used

19 years ago"Show" more respect to no-sha* config options.
Andy Polyakov [Tue, 31 May 2005 16:36:27 +0000 (16:36 +0000)]
"Show" more respect to no-sha* config options.
PR: 1086

19 years agoMention more GCC bugs in ./PROBLEMS.
Andy Polyakov [Tue, 31 May 2005 12:39:54 +0000 (12:39 +0000)]
Mention more GCC bugs in ./PROBLEMS.

19 years agoMissing sparcv8.o rule.
Andy Polyakov [Tue, 31 May 2005 12:17:35 +0000 (12:17 +0000)]
Missing sparcv8.o rule.
PR: 1082

19 years agoFix typo in ./config.
Andy Polyakov [Tue, 31 May 2005 11:34:33 +0000 (11:34 +0000)]
Fix typo in ./config.

19 years agoPlatform update from 8-stable.
Andy Polyakov [Tue, 31 May 2005 11:07:27 +0000 (11:07 +0000)]
Platform update from 8-stable.

19 years agoPlatform update from 8-stable.
Andy Polyakov [Tue, 31 May 2005 09:39:03 +0000 (09:39 +0000)]
Platform update from 8-stable.

19 years agoMerge from 0.9.8-stable.
Richard Levitte [Mon, 30 May 2005 23:26:04 +0000 (23:26 +0000)]
Merge from 0.9.8-stable.

19 years agoMerge in the new news from 0.9.8-stable.
Richard Levitte [Mon, 30 May 2005 22:51:28 +0000 (22:51 +0000)]
Merge in the new news from 0.9.8-stable.

19 years agoDJGPP changes. Contributed by Doug Kaufman <dkaufman@rahul.net>
Richard Levitte [Mon, 30 May 2005 22:37:44 +0000 (22:37 +0000)]
DJGPP changes.  Contributed by Doug Kaufman <dkaufman@rahul.net>

19 years agopqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't
Richard Levitte [Mon, 30 May 2005 22:34:37 +0000 (22:34 +0000)]
pqueue and dtls uses 64-bit values.  Unfortunately, OpenSSL doesn't
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.

Contributed by nagendra modadugu <nagendra@cs.stanford.edu>

19 years agoSynchronise with Unixly build
Richard Levitte [Mon, 30 May 2005 22:26:30 +0000 (22:26 +0000)]
Synchronise with Unixly build

19 years agoChange all relevant occurences of 'ncipher' to 'chil'. That's what nCipher always...
Richard Levitte [Mon, 30 May 2005 05:17:02 +0000 (05:17 +0000)]
Change all relevant occurences of 'ncipher' to 'chil'.  That's what nCipher always wanted...

19 years agoUpdate from stable branch.
Dr. Stephen Henson [Mon, 30 May 2005 00:29:16 +0000 (00:29 +0000)]
Update from stable branch.

19 years agoChange the source and output paths for 'chil' and '4758cca' engines so that
Geoff Thorpe [Sun, 29 May 2005 19:14:21 +0000 (19:14 +0000)]
Change the source and output paths for 'chil' and '4758cca' engines so that
dynamic loading is consistent with respect to engine ids.

19 years agoWe have some source with \r\n as line ends. DEC C informs about that,
Richard Levitte [Sun, 29 May 2005 12:13:51 +0000 (12:13 +0000)]
We have some source with \r\n as line ends.  DEC C informs about that,
and I really can't be bothered...

19 years agoTypo
Richard Levitte [Sun, 29 May 2005 12:11:50 +0000 (12:11 +0000)]
Typo

19 years agoAdd pss/x931 files.
Dr. Stephen Henson [Sat, 28 May 2005 20:44:37 +0000 (20:44 +0000)]
Add pss/x931 files.

19 years agoUpdate from 0.9.7-stable. Also repatch and rebuild error codes.
Dr. Stephen Henson [Sat, 28 May 2005 20:44:02 +0000 (20:44 +0000)]
Update from 0.9.7-stable. Also repatch and rebuild error codes.

19 years agoUse BN_with_flags() in a cleaner way.
Bodo Möller [Fri, 27 May 2005 15:38:53 +0000 (15:38 +0000)]
Use BN_with_flags() in a cleaner way.

19 years agoAssing check_{cert,crl}_time to 'ok' variable so it returns errors on
Dr. Stephen Henson [Fri, 27 May 2005 13:19:25 +0000 (13:19 +0000)]
Assing check_{cert,crl}_time to 'ok' variable so it returns errors on
expiry.

19 years agomake sure DSA signing exponentiations really are constant-time
Bodo Möller [Thu, 26 May 2005 04:40:52 +0000 (04:40 +0000)]
make sure DSA signing exponentiations really are constant-time

19 years agocheck BN_copy() return value
Bodo Möller [Thu, 26 May 2005 04:30:49 +0000 (04:30 +0000)]
check BN_copy() return value

19 years agoHandle differences between engine IDs and their dynamic library names (and
Geoff Thorpe [Wed, 25 May 2005 02:54:28 +0000 (02:54 +0000)]
Handle differences between engine IDs and their dynamic library names (and
source files, for that matter) by tolerating the alternatives. It would be
preferable to also change the generated shared library names, but that will
be taken up separately.

19 years agoIt seems like mkdef.pl couldn't quite understand that #ifdef OPENSSL_NO_SHA512
Richard Levitte [Tue, 24 May 2005 03:39:08 +0000 (03:39 +0000)]
It seems like mkdef.pl couldn't quite understand that #ifdef OPENSSL_NO_SHA512
was still active when it came down to the functions.  mkdef.pl should really
be corrected, but that'll be another day...

19 years agoTypo correction
Richard Levitte [Tue, 24 May 2005 03:27:15 +0000 (03:27 +0000)]
Typo correction

19 years agoDEC C complains about bad subscript, but we know better, so let's shut it up.
Richard Levitte [Tue, 24 May 2005 03:22:53 +0000 (03:22 +0000)]
DEC C complains about bad subscript, but we know better, so let's shut it up.

19 years agoBe more consistent with OPENSSL_NO_SHA256.
Andy Polyakov [Sun, 22 May 2005 10:27:59 +0000 (10:27 +0000)]
Be more consistent with OPENSSL_NO_SHA256.

19 years agoOPENSSL_NO_SHA512 to mask even SHA512_CTX declaration. This is done to
Andy Polyakov [Sun, 22 May 2005 08:55:15 +0000 (08:55 +0000)]
OPENSSL_NO_SHA512 to mask even SHA512_CTX declaration. This is done to
make no-sha512 more effective on platforms, which don't support 64-bit
integer type of *any* kind.

19 years agoStill SEGV trouble in .init segment under Solaris x86...
Andy Polyakov [Sat, 21 May 2005 17:49:10 +0000 (17:49 +0000)]
Still SEGV trouble in .init segment under Solaris x86...

19 years agoWhen _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in
Richard Levitte [Sat, 21 May 2005 17:39:43 +0000 (17:39 +0000)]
When _XOPEN_SOURCE is defined, make sure it's defined to 500.  Required in
http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html.

Notified by David Wolfe <dwolfe5272@yahoo.com>

19 years agoDefault to no-sse2 on selected platforms.
Andy Polyakov [Sat, 21 May 2005 16:50:27 +0000 (16:50 +0000)]
Default to no-sse2 on selected platforms.

19 years agoPatches for Cygwin, provided by Corinna Vinschen <vinschen@redhat.com>
Richard Levitte [Sat, 21 May 2005 16:41:34 +0000 (16:41 +0000)]
Patches for Cygwin, provided by Corinna Vinschen <vinschen@redhat.com>

19 years agoPropagate BUILDENV into subdirectories.
Ben Laurie [Sat, 21 May 2005 16:13:36 +0000 (16:13 +0000)]
Propagate BUILDENV into subdirectories.

19 years agoMove _WIN32_WINNT definition from command line to e_os.h. The change is
Andy Polyakov [Sat, 21 May 2005 13:19:27 +0000 (13:19 +0000)]
Move _WIN32_WINNT definition from command line to e_os.h. The change is
inspired by VC6 failure report. In addition abstain from taking screen
snapshots when running in NT service context.

19 years agofix typo, add prototype
Nils Larsch [Fri, 20 May 2005 22:55:10 +0000 (22:55 +0000)]
fix typo, add prototype

19 years agofix potential memory leak
Nils Larsch [Thu, 19 May 2005 22:10:40 +0000 (22:10 +0000)]
fix potential memory leak

Submitted by: Goetz Babin-Ebell

19 years agoupdate ecdsa doc
Nils Larsch [Thu, 19 May 2005 20:54:30 +0000 (20:54 +0000)]
update ecdsa doc

19 years agoFAQ to mention no-sse2.
Andy Polyakov [Thu, 19 May 2005 19:54:49 +0000 (19:54 +0000)]
FAQ to mention no-sse2.

19 years agoUpdate status information
Richard Levitte [Thu, 19 May 2005 19:43:28 +0000 (19:43 +0000)]
Update status information

19 years agofix "dereferencing type-punned pointer will break strict-aliasing rules"
Nils Larsch [Thu, 19 May 2005 12:01:51 +0000 (12:01 +0000)]
fix "dereferencing type-punned pointer will break strict-aliasing rules"
warning when using gcc 4.0

19 years agomake the type parameter const when ID2_OF_const() is used
Nils Larsch [Wed, 18 May 2005 22:30:38 +0000 (22:30 +0000)]
make the type parameter const when ID2_OF_const() is used

19 years agoFAQ update to mention Applink.
Andy Polyakov [Wed, 18 May 2005 13:35:54 +0000 (13:35 +0000)]
FAQ update to mention Applink.

19 years agoDon't emit SSE2 instructions unless were asked to.
Andy Polyakov [Wed, 18 May 2005 08:42:08 +0000 (08:42 +0000)]
Don't emit SSE2 instructions unless were asked to.
PR: 1073

19 years agoEngage Applink in mingw. Note that application-side module is not
Andy Polyakov [Wed, 18 May 2005 08:16:46 +0000 (08:16 +0000)]
Engage Applink in mingw. Note that application-side module is not
compiled into *our* aplpications. That's because mingw is always
consistent with itself. Having library-side code linked into .dll
makes it possible to deploy the .dll with user-code compiled with
another compiler [which is pretty much the whole point behind Applink].

19 years agoVersion changes where needed.
Richard Levitte [Wed, 18 May 2005 04:04:12 +0000 (04:04 +0000)]
Version changes where needed.

19 years agoI just branched 0.9.8, so HEAD needs to be bumped to 0.9.9-dev.
Richard Levitte [Wed, 18 May 2005 03:58:34 +0000 (03:58 +0000)]
I just branched 0.9.8, so HEAD needs to be bumped to 0.9.9-dev.

The 0.9.8 branch is called OpenSSL_0_9_8-stable.

19 years agoEngage Applink for VC builds.
Andy Polyakov [Tue, 17 May 2005 16:50:46 +0000 (16:50 +0000)]
Engage Applink for VC builds.

19 years agoKeep disclaming 16-bit support.
Andy Polyakov [Tue, 17 May 2005 13:51:36 +0000 (13:51 +0000)]
Keep disclaming 16-bit support.

19 years agosimplify EC_KEY_dup
Nils Larsch [Tue, 17 May 2005 12:23:16 +0000 (12:23 +0000)]
simplify EC_KEY_dup

19 years agomdc2test is not built by default anymore.
Andy Polyakov [Tue, 17 May 2005 06:57:45 +0000 (06:57 +0000)]
mdc2test is not built by default anymore.

19 years agofix memory leak (BIO_free_all needs pointer to first BIO)
Bodo Möller [Tue, 17 May 2005 05:52:24 +0000 (05:52 +0000)]
fix memory leak (BIO_free_all needs pointer to first BIO)

PR: 1070

19 years agoOPENSSL_Applink update.
Andy Polyakov [Tue, 17 May 2005 00:08:28 +0000 (00:08 +0000)]
OPENSSL_Applink update.

19 years agoDisclaim 16-bit support.
Andy Polyakov [Tue, 17 May 2005 00:07:13 +0000 (00:07 +0000)]
Disclaim 16-bit support.

19 years agoMove cryptlib.h prior bio.h. Actually it makes sense to include cryptlib.h
Andy Polyakov [Tue, 17 May 2005 00:01:48 +0000 (00:01 +0000)]
Move cryptlib.h prior bio.h. Actually it makes sense to include cryptlib.h
first everywhere in crypto and skip stdio.h and string.h [because it
includes them].

19 years agoImprove shell portability of new rules in Makefile.shared.
Andy Polyakov [Mon, 16 May 2005 21:05:09 +0000 (21:05 +0000)]
Improve shell portability of new rules in Makefile.shared.

19 years agoChange wording for BN_mod_exp_mont_consttime() entry
Bodo Möller [Mon, 16 May 2005 19:14:34 +0000 (19:14 +0000)]
Change wording for BN_mod_exp_mont_consttime() entry

19 years agoFurther BUILDENV refinement, further fool-proofing of Makefiles and
Andy Polyakov [Mon, 16 May 2005 16:55:47 +0000 (16:55 +0000)]
Further BUILDENV refinement, further fool-proofing of Makefiles and
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.

19 years agoFurther BUILDENV clean-up, 'make depend' is operational again.
Andy Polyakov [Mon, 16 May 2005 14:24:45 +0000 (14:24 +0000)]
Further BUILDENV clean-up, 'make depend' is operational again.

19 years agoecc api cleanup; summary:
Nils Larsch [Mon, 16 May 2005 10:11:04 +0000 (10:11 +0000)]
ecc api cleanup; summary:
- hide the EC_KEY structure definition in ec_lcl.c + add
  some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
  attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
  additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7

19 years agoImplement fixed-window exponentiation to mitigate hyper-threading
Bodo Möller [Mon, 16 May 2005 01:43:31 +0000 (01:43 +0000)]
Implement fixed-window exponentiation to mitigate hyper-threading
timing attacks.

BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.

Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller